Thu, Nov 7, 4:12 PM CST

Renderosity Forums / Community Center



Welcome to the Community Center Forum

Forum Moderators: wheatpenny Forum Coordinators: Anim8dtoon

Community Center F.A.Q (Last Updated: 2024 Nov 07 10:21 am)

Forum news, updates, events, etc. Please sitemail any notices or questions for the staff to the Forum Moderators.



Subject: Rendo/DAZ popups / spam


EricofSD ( ) posted Tue, 30 October 2012 at 8:46 PM · edited Thu, 07 November 2024 at 4:08 PM

One of the things I have enjoyed about being a member of Rendo is that you guys don't spam.  Lately, my viewing of the Rendo site has been disrupted with DAZ popups. 

If rendo is giong to this advertising tactic, then I am very disappointed and will not recommend Rendo to others.  I will warn others to stay away. 

Bottom right of the screen shows a DAZ popup when logging in. That's one image.  The other image shows a firefox popup, but I didn't have FF going.  It was entirely on MS Exploder.

 

I tried to upload two screen shots and when I went to Attach FILE, I was directed to http://www.uti.edu/request-info/request-info-halogen/b/?utm_source=Sec&utm_medium=Display&utm_term=RON&utm_campaign=Mar


EricofSD ( ) posted Tue, 30 October 2012 at 8:48 PM

file_488133.jpg

here's the first popup


EricofSD ( ) posted Tue, 30 October 2012 at 8:50 PM

file_488134.jpg

Look at the bottom right.

 

Here's the second info that says firefox, but I'm not on FF, I'm on MS Exploder and have been for a few days.

This started about two weeks ago or more.


EricofSD ( ) posted Tue, 30 October 2012 at 8:51 PM

So why am I being spammed by superfish dot com?


EricofSD ( ) posted Tue, 30 October 2012 at 9:00 PM

seems I cross posted.  post 3 that says "look at the bottom right" was meant for the first image on post 2.


EricofSD ( ) posted Tue, 30 October 2012 at 9:07 PM

file_488135.jpg

Hey, I just got the popup on DAZ. 


EricofSD ( ) posted Tue, 30 October 2012 at 9:16 PM

I do not get the popup on other websites, only DAZ3d and rendo.


EricofSD ( ) posted Tue, 30 October 2012 at 9:34 PM · edited Tue, 30 October 2012 at 9:35 PM

And by the way, I did just do a good cleaning and logged off and back on.

The three orange tabs either want to direct me to anderoezs.net or dpbolvw.net


EricofSD ( ) posted Tue, 30 October 2012 at 9:36 PM

The three orange tabs either want to direct me to anderoezs.net or dpbolvw.net


EricofSD ( ) posted Tue, 30 October 2012 at 9:37 PM

Ok, won't paste.

 

The three orange tabs either want to direct me to anderoezs.net or dpbolvw.net

 

the three orange tabs either want to direct me to anderoezs.net or dpbolvw.net


EricofSD ( ) posted Tue, 30 October 2012 at 9:37 PM

wow, amazing that I can't type or post the redirect sites.


EricofSD ( ) posted Tue, 30 October 2012 at 9:38 PM

andoezrs dot net


EricofSD ( ) posted Tue, 30 October 2012 at 9:39 PM

or

dpvolvw dot net


Janl ( ) posted Tue, 30 October 2012 at 9:48 PM

Quote - So why am I being spammed by superfish dot com?

I did a quick search and came up with these:

 

http://support.mozilla.org/en-US/questions/773286

 

http://support.mozilla.org/en-US/questions/773286

 

http://forums.mozillazine.org/viewtopic.php?f=38&t=1979591&start=0

 

It looks like it could be an addon you have installed or perhaps malware.


Janl ( ) posted Tue, 30 October 2012 at 10:26 PM · edited Tue, 30 October 2012 at 10:28 PM

Found this about dpbolvw.net (see last post):

http://www.tomshardware.co.uk/forum/31689-17-http-dpbolvw-click-link-redirects-here

Do you have an adblocker installed?

I ask because I did at one time and had to uninstall it because of similar problems.


EricofSD ( ) posted Tue, 30 October 2012 at 11:16 PM

Ok, I'll check those out, but I want Rendo and DAZ to cease and desist.


Khory_D ( ) posted Wed, 31 October 2012 at 12:58 AM

At the bottom of your pop ups it says "by CrossRider". I would say they are responsible for your issues not Rendo or DAZ. You may want to contact them about it.

www.Calida3d.com
Daz studio and Poser content creators


Khai-J-Bach ( ) posted Wed, 31 October 2012 at 4:30 AM

Quote - Ok, I'll check those out, but I want Rendo and DAZ to cease and desist.

 

they can't. it's not them doing it.



lazycatstudio ( ) posted Wed, 31 October 2012 at 7:37 AM

Quote - At the bottom of your pop ups it says "by CrossRider". I would say they are responsible for your issues not Rendo or DAZ. You may want to contact them about it.

CrossRider is a development framework used by other developers to deliver their content (including some new viruses, but also legit stuff). They by themself are not responsible for it.


26Fahrenheit ( ) posted Wed, 31 October 2012 at 8:08 AM

looks like you need to clean your PC  ..thats not for DAZ or RENDO's to fix your problem.

You got infected and that why YOU see spam and WE dont ..

 

Simple 😉

HERE are my FREEBEE's

 


EricofSD ( ) posted Wed, 31 October 2012 at 7:56 PM

Ok, thank you for the information.  I have a 3d work project tonight and a meeting tomorrow night so I'll try to work through this Friday or the weekend.

Khai, If its not rendo or DAZ that hired the advertisers, then I guess that makes DAZ and possibly Rendo a victim as well.  At least DAZ now knows that someone is using their logo to lure people.  I can see where folks might think they have a DAZ coupon and then go to the websites that might further have adware coding.  I hope that both companies will investigate on their own and protect their good names.

26F, I've cleaned the system several times with cc cleaner, hyjack this, ATF, a few other cleaners, and run Avast virus and malwarebytes scans and they all come up negative for it.  Actually, I do the cleaning once a week mostly to clear out Poser temp files.  I even checked for rootkits.  So obviously I need to go deeper than that.

Janl, thanks for the research.  Let me see if one of those sites has a removal that will work. 

Khory, well, um, maybe contacting crossfire will just result in more viruses if they are the ones stealing the DAZ logo and Renderosity name.  I'm not sure that contacting them will be of any positive value for me.  But perhaps if DAZ and Rendo as victims wish to contact Crossfire and tell Crossfire to cease that would be to everyone's benefit.

Ok, I don't mean to sound cranky and irritable, but its a natural reaction to unwanted junk.  I am more concerned about data mining.  Hopefully after this weekend I can report some good news and a fix in case anyone else gets this.

 


EricofSD ( ) posted Wed, 31 October 2012 at 8:51 PM · edited Wed, 31 October 2012 at 8:59 PM

Hi gang, I think I have some good news.  This thing was bugging me too much so I went ahead and read through the info that Janl posted.  That was all oriented towards firefox. I was perplexed that even though the properties in IE said it was a firefox plugin, it was happening mostly in IE.  I checked the add ons and plug ins and whatnot for both browsers and nothing in either one.

So, being the adventurous type, I went to regedit and typed in superfish.  I found 4 keys and deleted all 4.  Then a reboot to see if I blew a hive (which I usually end up doing from time to time).  So, anyway, the reboot went fine and guess what?  No more popup.

I don't recommend deleting registry keys for folks because its a great way to crash the OS, but  in this case it seems to have worked.

So unless there is any further info over the next few days, I'm going to close out this issue and get back to the real work of rendering.

Thanks again everyone for ideas.  Oh, and by the way, cc cleaner that has a registry cleaner didn't get it, I had to manually find and remove the keys.

Be well, and I hope DAZ and Rendo go after these guys.  Superfish was the culprit. 

Oh, and by the way, I'm glad to continue recommending R and DAZ to folks.  Now that I think about it, its in the DAZ EULA.  :)  Cheers.


lazycatstudio ( ) posted Thu, 01 November 2012 at 7:59 AM

Quote - Khory, well, um, maybe contacting crossfire will just result in more viruses if they are the ones stealing the DAZ logo and Renderosity name.  I'm not sure that contacting them will be of any positive value for me.  But perhaps if DAZ and Rendo as victims wish to contact Crossfire and tell Crossfire to cease that would be to everyone's benefit.

 

It is NOT DAZ or Rendo or even CrossRider who is to blame. It is YOUR fault.

 

You installed the Superfish Window Shopper toolbar/extension or one of its siblings that is giving you the popups.


Khai-J-Bach ( ) posted Thu, 01 November 2012 at 3:10 PM

Quote -  

Khai, If its not rendo or DAZ that hired the advertisers, then I guess that makes DAZ and possibly Rendo a victim as well.  At least DAZ now knows that someone is using their logo to lure people.  I can see where folks might think they have a DAZ coupon and then go to the websites that might further have adware coding.  I hope that both companies will investigate on their own and protect their good names.

 

again. it's nothing to do with them at all. it read the content of the page and formed it's own links. if you were on a page about cookers, it would have linked cookers. or golf, golf balls and so on.

it's something your machine was, and still is, infected with. I'd recommend using a program like Malwarebytes http://www.malwarebytes.org/ to properly clean this off your system. I'd then recommend running a trusted antivirus, such as AVG, Avast!, Kaspersky, etc (never norton or mcaffee. they cause their own issues).  just removing registry links will not save you from issues and ccleaner does not remove malware in any shape or form.



EricofSD ( ) posted Thu, 01 November 2012 at 11:12 PM · edited Thu, 01 November 2012 at 11:21 PM

Lazy, I did not install superfish.  How it got on the system, I can't say.  I did check the removal websites and looked for the directories that are supposed to be associated with superfish and they do not exist. 

I get the sense you are very offended so let me apologize to you for whatever I said that offends  you.  I was educated here in this thread that the problem was not created or caused by DAZ or Rendo and I believe I have correctly agreed now that what looked like something genuine is now indeed understood by me to be a fake.

Please keep in mind that adware is particularly devious in how it installs and often will install without the user knowing.  I'm not sure that I would call that the user's fault.  If someone out there works very hard to commit fraud, the victim probably ought not to be blamed.  If it were true that a victim is always at fault then we live in a very sad world.  I believe the fault is the company and the programmers that created the install and took the good name of DAZ and Renderosity.

Now it is true that a computer owner ought to learn about safe browsing and in doing so, can minimize the exposure.  I read where a substantial percentage of websites have unwanted code in them.  It is a big enough problem that companies like Norton and Avast and Malwarebytes, etc, are constantly releasing updates (almost daily) to try and protect against this problem.  I did my part by purchasing those programs and I use them.  Avast Pro has a web shield and it has been active since I bought this system.  Users are often taken unaware and duped, as in this case.  All I can do is recant my irritable comment, apologize, and share what I did to try and deal with it.

I hope that some day you be able to understand what I said here.

 

Khai, yeah, I do sort of wonder if something was left behind.  It seems to be deactivated.  While the popup was active, I often saw net traffic and CPU usage when the system was idle.  That could be any number of things from legitimate services running to adware.  If I can get to the resmon fast enough I can see what is triggering the useage, but often it just says "system" without enough detail to know anything more.  My hosts files are clean, I checked those manually.

I did run Avast pro and malwarebytes, as I said above, and neither found the program.  I do not ever recall seeing a shopper toolbar and none show up in activex or program manager or add ons in any of my browsers or windows uninstall areas.  So this weekend I might try to learn more about superfish and see if I can locate anything left behind that might be silently active.

Freinds, if there is a lesson to be learned here, its that even semi-savvy computer users can be taken advantage of unawares.  Some of the adware is pretty sophisticated.  Even emails that look like they came from ebay or the bank or the ISP can be fraud.  I often hover the mouse over a link to see where it wants to go before going there, which is how I realized that this DAZ / Rendo popup was trying to direct me elsewhere.  Maybe it was legit, but we have learned it is not.

I hope the hostility can die down now.

 


Khory_D ( ) posted Fri, 02 November 2012 at 12:35 AM

You may have picked it up someplace that ought to be trust worthy. CNET comes to mind these days as an example. They stick a few things at the front of downloads and unless you uncheck boxes they install them. It may even have been somewhere that use to be safe to download from in the past but has gotten sketchy.

www.Calida3d.com
Daz studio and Poser content creators


EricofSD ( ) posted Tue, 20 November 2012 at 1:06 AM · edited Tue, 20 November 2012 at 1:11 AM

I did a major cleaning.  Mostly manual.  Found the offending directory "installation assistant."  Yeah, like I need help installing things.  :)  I remember seeing that in the windows program uninstall and did uninstall but it was a fake, the directory remained and continued to spam.  When I deleted the directory and all references in the registry this issue cleared up a bit more.

I pulled a lot of stuff out of the registry and it wasn't just the application.  Took a while to search the registry for all the known keys.   Found torrent, and a few others.  I don't use P2P or anything like that.

cnet might have been involved.  I watch the check boxes pretty close but who knows, maybe I missed one.  I do use cnet from time to time and will be weary from now on.

I hope Renderosity and DAZ takes the time to go after these people who used the logo and names.  Shortly after this event I got emails and notices from Rendo about coupons.  DAZ offers the same from time to time.  Whoever concocted this scheme spent some time to learn who their victims were and did a great job of scamming.

My computer guy told me to enable PUP blocking in Avast.  Apparently there are some legitimate uses of this, which is why it is disabled by default.  I don't think I need this so it is now a part of the scan.


Privacy Notice

This site uses cookies to deliver the best experience. Our own cookies make user accounts and other features possible. Third-party cookies are used to display relevant ads and to analyze how Renderosity is used. By using our site, you acknowledge that you have read and understood our Terms of Service, including our Cookie Policy and our Privacy Policy.